Four Steps to Ensuring Data Protection in the Hybrid Cloud

Data protection is one of the biggest concerns for IT and business leaders in moving to a hybrid cloud model. In a hybrid cloud, information is typically under control of the enterprise and a public cloud supplier at various points in its lifecycle. That means the business must put in the proper protections and backup for data when it is in motion, in process and at rest. It must also ensure that public cloud suppliers have the proper protections in place as well.

Organizations are more inclined than ever to use hybrid cloud models. According to Gartner, 50% of large enterprises will be using hybrid clouds by the end of 2017.1 Among the more popular use cases for hybrid cloud are Web and e-commerce applications that require elastic scalability; backup, archiving and disaster recovery platforms; batch processing; and test and development.

Security and data protection, however, remain a big issue. According to the 2013 Future of Cloud Computing Survey, security is viewed as the number one inhibitor to cloud deployments, cited by 46% of respondents.2 In the InformationWeek 2013 State of Cloud Computing Survey, more than 50% of respondents cited security as the top cloud risk.3

IT leaders can’t afford to ignore the benefits of the hybrid cloud, and they can’t fail to address the security challenges of hybrid cloud deployments. What to do? Here are four important ways in which IT can mitigate data protection concerns in the hybrid cloud:

Ask the right questions of your public cloud providers. Choosing the right public cloud provider is essential. You must ask them specifically what data protection features they deploy, as well as how they handle replication, backup and disaster recovery. Technologies that can help increase security include private virtual LANs that isolate virtual machines and separate network and server administrative duties. Also, don’t be hesitant to ask about the technology they use in their data centers and ask them to provide you copies of their security policies. If their policies and protections are less stringent than your own, you may have a problem.

Understand where you are vulnerable and deploy solutions that address concerns, particularly in protecting data as it travels between cloud environments. Certain products can offer security protection as data moves between your enterprise and the public cloud. One example is Intel Expressway Tokenization Broker, which offers an in-line proxy solution that can be deployed at the edge of the enterprise and the public cloud provider. It protects the traffic and data going into, out of or flowing in between Platform as a Service application programming interfaces (APIs) and providers. The gateway applies format-preserving encryption, tokenization or message-level security to API and Web services messages that are flowing through enterprise systems to cloud provider environments.

Centralize governance and control of cloud deployments within the IT organization. This will allow IT to control security policies, ensure compliance and put in the proper technologies and procedures for backup, archiving and recovery. The last thing you need is for a line-of-business manager to put the organization at risk by not doing the proper homework or not putting in the proper procedures in selecting a public cloud partner. IT should ensure that security features and compliance policies are managed consistently across the entire cloud environment -- public and private.

Use solutions optimized for data protection. For example, Intel architecture can help provide secure virtualization capabilities through hardware-assisted security, such as that provided by Intel Trusted Execution Technology and Intel Advanced Encryption Standard New Instructions (Intel AES-NI). Intel AES-NI provides performance benefits that make encryption far more efficient for data transport and storage workloads, which is important in hybrid cloud environments. In addition, make sure that the servers and devices being used in the hybrid cloud incorporate the latest built-in security protections, particularly Intel Trusted Execution Technology.

Here are sources for more information on data protection for your hybrid cloud deployment:

1 "Gartner Says Nearly Half of Large Enterprises Will Have Hybrid Cloud Deployments By the End of 2017," Gartner Inc., October 1, 20132 "Future of Cloud Computing Survey Reveals Business Driving Cloud Adoption in Everything as a Service Era; IT Investing Heavily to Catch up and Support Consumers Graduating from BYOD to BYOC," North Bridge, 20133 "Research: 2013 State of Cloud Computing," InformationWeek, April 29, 2013